au / rssauth
Provides a number of methods of getting rss feeds of non-public content as a logged in user
Installs: 28
Dependents: 0
Suggesters: 0
Security: 0
Stars: 3
Watchers: 2
Forks: 0
Open Issues: 0
Type:elgg-plugin
Requires
- php: >=5.4
- composer/installers: >=1.0.8
This package is auto-updated.
Last update: 2024-04-29 03:12:36 UTC
README
This plugin allows RSS feeds to display content of an Elgg user by HTTP authentication. The rss feeds may be in the following formats.
PUBLIC RSS FEED
<url>?view=rss
URL AUTHENTICATED RSS FEED
<url>?view=rss&username=<username>&password=<password>
Please note that this method is the most insecure as the username and password are visible in plain text in the url
TOKEN AUTHENTICATED RSS FEED
By visiting the tools configuration page a user can generate a unique token that can be appended to the url.
eg.
<url>blog/all?view=rss
Would become something like
<url>blog/all?view=rss&rssguid=38&rsstoken=48e198a2264328528a70d65abcedbe146f039c94
HTTP AUTHENTICATED RSS FEED
<url>?view=rssauth
Having view=rssauth in the url will return the headers requesting authentication Your rss feed can then supply the username and password.
Please note that this is also insecure as the credentials are passed in plain text but are not explicitly visible (as in the url example). This should be fine if used in conjunction with SSL.
ADDITIONALLY if you can find a way to send the HTTP credentials without requiring the authentication headers first, you can just use the the default ?view=rss and still receive an authenticated feed